IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
ebbfdf9e5c3bf75f294ddfef4428798d2b50e361
mattermost/app/server.go

712 lines
19 KiB
Go
Raw Normal View History

PLT-5860 Updated copyright date (#6058) * PLT-5860 Updated copyright date in about modal * PLT-5860 Updated copyright notice in JSX files * PLT-5860 Updated copyright notice in go files * Fixed misc copyright dates * Fixed component snapshots
2017-04-12 08:27:57 -04:00
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
first commit
2015-06-14 23:53:32 -08:00
// See License.txt for license information.
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge
2017-01-13 13:53:37 -05:00
package app
first commit
2015-06-14 23:53:32 -08:00
import (
parallel tests (#7629)
2017-10-16 08:09:43 -07:00
"context"
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
"crypto/ecdsa"
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
"crypto/tls"
improve error handling around invalid Forward80To443 settings (#8496) * If Forward80To443 is true, but not configured to listen on 443, fail to start the server with an error message. * If Forward80To443 is false and LetsEncrypt is true, fail to start the server with an error message.
2018-03-23 12:33:50 -04:00
"fmt"
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
"net"
Modifications to rate limiting settings. (#4091)
2016-09-26 12:56:12 -04:00
"net/http"
Add siteURL to WS origin check (#9183) * Add siteURL to WS origin check * Handle subpath * Only add site URL if not *
2018-07-30 17:21:57 -04:00
"net/url"
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
"os"
Modifications to rate limiting settings. (#4091)
2016-09-26 12:56:12 -04:00
"strings"
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
"sync"
"sync/atomic"
Modifications to rate limiting settings. (#4091)
2016-09-26 12:56:12 -04:00
"time"
first commit
2015-06-14 23:53:32 -08:00
"github.com/gorilla/mux"
Abort on critical error during server startup (#8204) Only a handful of critical errors are present in the codebase. They all occur during server startup (in `app.StartServer()`). Currently, when one of these critical error occurs, it is simpled mentionned in the logs – then the error is discarded, and the app attempts to continue the execution (and probably fails pretty quickly in a weird way). Rather than continuing operations in an unknow state, these errors should trigger a clean exit. This commit rewrites critical startup errors to be correctly propagated, logged, and then terminate the command execution. Additionnaly, it makes the server return a proper error code to the shell.
2018-02-07 13:41:15 +05:30
"github.com/pkg/errors"
MM-11160 Adding proper CORS support. (#9152) * Adding proper CORS support. * Better CORS tests.
2018-07-26 08:31:22 -07:00
"github.com/rs/cors"
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
"github.com/throttled/throttled"
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
"golang.org/x/crypto/acme/autocert"
Writing message to our logs when system panics and recovers (#6458)
2017-05-24 07:55:52 -07:00
MM-13893: refactor config (#10230) * refactor utils/config* to config/ * pull validateLdapFilter into app * clean up Config/GetConfig/GetSanitizedConfig usage Eliminate app.GetConfig() in favour of just using app.Config() directly, but expose app.GetSanitizedConfig() for when the old behaviour was required. * web: isolate config setup * TestInvitePeopleProvider: make config explicit * regenerateClientConfig: avoid racey map access * integrate watch flag into app.ConfigFile option * make app.Option return an error * release.mk: only cp static files from config/ * release.mk: fix cp static files from config/ * api4: TestPlugin cleanup * s/c/cfg/ for clarity * fix merge conflict * testlib: allow customization of testlib driver name
2019-02-12 08:37:54 -05:00
"github.com/mattermost/mattermost-server/config"
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
"github.com/mattermost/mattermost-server/einterfaces"
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
"github.com/mattermost/mattermost-server/jobs"
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
"github.com/mattermost/mattermost-server/mlog"
Renaming repo
2017-09-06 23:05:10 -07:00
"github.com/mattermost/mattermost-server/model"
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
"github.com/mattermost/mattermost-server/plugin"
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
"github.com/mattermost/mattermost-server/services/httpservice"
MM-10417 Add local image proxy and enable by default (#9967) * MM-10417 Add local image proxy and enable by default * Remove unused function * Add dependencies for willnorris/imageproxy * Fixed compilation errors * Lock to the master version of willnorris/imageproxy * Fix atmos/camo proxy when no SiteURL is specified * Re-add default values for deprecated settings * Fix unit tests added by merge * Pass imageproxy to App struct * Remove unneeded locking when creating the image proxy * Remove empty test file
2019-01-24 16:11:32 -04:00
"github.com/mattermost/mattermost-server/services/imageproxy"
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
"github.com/mattermost/mattermost-server/services/timezones"
Renaming repo
2017-09-06 23:05:10 -07:00
"github.com/mattermost/mattermost-server/store"
"github.com/mattermost/mattermost-server/utils"
first commit
2015-06-14 23:53:32 -08:00
)
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
var MaxNotificationsPerChannelDefault int64 = 1000000
first commit
2015-06-14 23:53:32 -08:00
type Server struct {
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge
2017-01-13 13:53:37 -05:00
Store store.Store
WebSocketRouter *WebSocketRouter
MM-10370: serve subpath (#8968) * factor out GetSubpathFromConfig * mv web/subpath.go to utils/subpath.go * serve up web, api and ws on /subpath if configured * pass config to utils.RenderWeb(App)?Error This allows the methods to extract the configured subpath and redirect to the appropriate `/subpath/error` handler. * ensure GetSubpathFromConfig returns trailing slashes deterministically * fix error 404 handling * redirect /subpath to /subpath/ This is necessary for the static handler to match, otherwise none of the registered routes find anything. This also makes it no longer necessary to add trailing slashes in the root router.
2018-06-21 14:31:51 -04:00
// RootRouter is the starting point for all HTTP requests to the server.
RootRouter *mux.Router
// Router is the starting point for all web, api4 and ws requests to the server. It differs
// from RootRouter only if the SiteURL contains a /subpath.
Router *mux.Router
Server *http.Server
ListenAddr *net.TCPAddr
RateLimiter *RateLimiter
Fix webconn shutdown race (#7631) * fix webconn shutdown race * make sure writePump returns promptly if readPump returns first * fix app shutdown race * minor improvement
2017-10-16 14:02:33 -07:00
didFinishListen chan struct{}
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
goroutineCount int32
goroutineExitSignal chan struct{}
MM-12974: guard app plugins with mutex (#9818) * guard app plugins with mutex Shutting down the app could race with a goroutine that uses the plugins environment, since we shut down the plugins first before cleaning up goroutines. * fix go vet issues
2018-11-20 08:52:51 -05:00
PluginsEnvironment *plugin.Environment
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
PluginConfigListenerId string
MM-12974: guard app plugins with mutex (#9818) * guard app plugins with mutex Shutting down the app could race with a goroutine that uses the plugins environment, since we shut down the plugins first before cleaning up goroutines. * fix go vet issues
2018-11-20 08:52:51 -05:00
PluginsLock sync.RWMutex
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
EmailBatching *EmailBatchingJob
EmailRateLimiter *throttled.GCRARateLimiter
Hubs []*Hub
HubsStopCheckingForDeadlock chan bool
PushNotificationsHub PushNotificationsHub
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
runjobs bool
Jobs *jobs.JobServer
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
clusterLeaderListeners sync.Map
licenseValue atomic.Value
clientLicenseValue atomic.Value
licenseListeners map[string]func()
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
timezones *timezones.Timezones
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
newStore func() store.Store
htmlTemplateWatcher *utils.HTMLTemplateWatcher
sessionCache *utils.Cache
MM-10856: deduplicate posts with the same pending post id (#10006) * MM-10856: deduplicate posts with the same pending post id Leverage a fixed size cache with a window of 30 seconds to deduplicate posts received by a single app server. Clients that duplicate the same pending post id will see one request potentially delayed until the first finishes, after which the same payload should be returned by both. Duplicate posts outside the 30 second window will not be de-duplicated. Note that the cache is not synchronized between app servers. In an HA cluster consisting of more than one app server, sticky load balancing (e.g. hashing by IP or Session ID) is required to route the users to the same app instance for multiple requests. Other options considered for this feature: * adding a column to the `Posts` table: rejected as being too heavyweight * maintaining a `PendingPostIds` table: similarly rejected for the database impact * using the pending post id as the post id and relying on the unique constraints on the Post table: rejected for being difficult to show that it's safe to use a client-provided value as the row identifier * utils/lru: simplify to ttl internally and for new methods * move seenPendingPostIdsCache to App.Server * just fail concurrent post requests, vs. trying to wait * add debug log when create post is deduplicated
2018-12-17 18:16:57 -05:00
seenPendingPostIdsCache *utils.Cache
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
configListenerId string
licenseListenerId string
logListenerId string
clusterLeaderListenerId string
MM-13893: introduce file store (#10243) * config file store Introduce an interface and concrete implementation for accessing the config. This mostly maps 1:1 with the exiting usage in `App`, except for internalizing the watcher. A future change will likely eliminate `App.PersistConfig()` and make this implicit on `Set` or `Patch` * experimental file test changes * emoji: move file driver checks from api4 to app It is no longer possible to app.UpdateConfig and provide an invalid configuration, making it hard to test this case. This check doesn't really belong in the api anyway, since it's a configuration validity check and not a permissions check. Either way, the check now occurs at the App level. * api4: generate valid public link salts for test * TestStartServerRateLimiterCriticalError: use mock store to test invalid config * remove config_test.go * remove needsSave, and have Load() save to the backing store as necessary * restore README.md * move ldap UserFilter check to model isValid checks * remove databaseStore until ready * remove unimplemented Patch * simplify unlockOnce implementation * revert forgetting to set s.Ldap * config/file.go: rename ReadOnlyConfigurationError to ErrReadOnlyConfiguration * config: export FileStore * add TestFileStoreSave * improved config/utils test coverage * restore config/README.md copy * tweaks * file store: acquire a write lock on Save/Close to safely close watcher * fix unmarshal_test.go
2019-02-12 14:19:01 -04:00
configStore config.Store
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
asymmetricSigningKey *ecdsa.PrivateKey
MM-10516: Added support for PostActions in ephemeral posts (#10258) * Added support for PostActions in ephemeral posts The general approach is that we take all the metadata that DoPostAction needs to process client DoPostActionRequests, and store it in a serialized, encrypted Cookie field, in the PostAction struct. The client then must send it back, and it is then used to process PostActions as a fallback top the metadata in the database. This PR adds a new config setting, `ServiceSettings.ActionCookieSecret`. In a cluster environment it must be the same for all instances. - Added type PostActionCookie, and a Cookie string to PostAction. - Added App.AddActionCookiesToPost. - Use App.AddActionCookiesToPost in api4.createEphemeralPost, App.SendEphemeralPost, App.UpdateEphemeralPost. - Added App.DoPostActionWithCookie to process incoming requests with cookies. For backward compatibility, it prefers the metadata in the database; falls back to cookie. - Added plugin.API.UpdateEphemeralPost and plugin.API.DeleteEphemeralPost. - Added App.encryptActionCookie/App.decryptActionCookie. * Style * Fixed an unfortunate typo, tested with matterpoll * minor PR feedback * Fixed uninitialized Context * Fixed another test failure * Fixed permission check * Added api test for DoPostActionWithCookie * Replaced config.ActionCookieSecret with Server.PostActionCookieSecret Modeled after AsymetricSigningKey * style * Set DeleteAt in DeleteEphemeralPost * PR feedback * Removed deadwood comment * Added EXPERIMENTAL comment to the 2 APIs in question
2019-03-01 10:15:31 -08:00
postActionCookieSecret []byte
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
pluginCommands []*PluginCommand
pluginCommandsLock sync.RWMutex
clientConfig map[string]string
clientConfigHash string
limitedClientConfig map[string]string
diagnosticId string
phase2PermissionsMigrationComplete bool
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
HTTPService httpservice.HTTPService
MM-10417 Add local image proxy and enable by default (#9967) * MM-10417 Add local image proxy and enable by default * Remove unused function * Add dependencies for willnorris/imageproxy * Fixed compilation errors * Lock to the master version of willnorris/imageproxy * Fix atmos/camo proxy when no SiteURL is specified * Re-add default values for deprecated settings * Fix unit tests added by merge * Pass imageproxy to App struct * Remove unneeded locking when creating the image proxy * Remove empty test file
2019-01-24 16:11:32 -04:00
ImageProxy *imageproxy.ImageProxy
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
Log *mlog.Logger
Migrate cluster to use Server struct directly. (#10101)
2019-01-15 09:09:25 -08:00
joinCluster bool
startMetrics bool
startElasticsearch bool
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
AccountMigration einterfaces.AccountMigrationInterface
Cluster einterfaces.ClusterInterface
Compliance einterfaces.ComplianceInterface
DataRetention einterfaces.DataRetentionInterface
Elasticsearch einterfaces.ElasticsearchInterface
Ldap einterfaces.LdapInterface
MessageExport einterfaces.MessageExportInterface
Metrics einterfaces.MetricsInterface
Saml einterfaces.SamlInterface
}
func NewServer(options ...Option) (*Server, error) {
rootRouter := mux.NewRouter()
s := &Server{
MM-10856: deduplicate posts with the same pending post id (#10006) * MM-10856: deduplicate posts with the same pending post id Leverage a fixed size cache with a window of 30 seconds to deduplicate posts received by a single app server. Clients that duplicate the same pending post id will see one request potentially delayed until the first finishes, after which the same payload should be returned by both. Duplicate posts outside the 30 second window will not be de-duplicated. Note that the cache is not synchronized between app servers. In an HA cluster consisting of more than one app server, sticky load balancing (e.g. hashing by IP or Session ID) is required to route the users to the same app instance for multiple requests. Other options considered for this feature: * adding a column to the `Posts` table: rejected as being too heavyweight * maintaining a `PendingPostIds` table: similarly rejected for the database impact * using the pending post id as the post id and relying on the unique constraints on the Post table: rejected for being difficult to show that it's safe to use a client-provided value as the row identifier * utils/lru: simplify to ttl internally and for new methods * move seenPendingPostIdsCache to App.Server * just fail concurrent post requests, vs. trying to wait * add debug log when create post is deduplicated
2018-12-17 18:16:57 -05:00
goroutineExitSignal: make(chan struct{}, 1),
RootRouter: rootRouter,
licenseListeners: map[string]func(){},
sessionCache: utils.NewLru(model.SESSION_CACHE_SIZE),
seenPendingPostIdsCache: utils.NewLru(PENDING_POST_IDS_CACHE_SIZE),
clientConfig: make(map[string]string),
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
}
for _, option := range options {
MM-13893: refactor config (#10230) * refactor utils/config* to config/ * pull validateLdapFilter into app * clean up Config/GetConfig/GetSanitizedConfig usage Eliminate app.GetConfig() in favour of just using app.Config() directly, but expose app.GetSanitizedConfig() for when the old behaviour was required. * web: isolate config setup * TestInvitePeopleProvider: make config explicit * regenerateClientConfig: avoid racey map access * integrate watch flag into app.ConfigFile option * make app.Option return an error * release.mk: only cp static files from config/ * release.mk: fix cp static files from config/ * api4: TestPlugin cleanup * s/c/cfg/ for clarity * fix merge conflict * testlib: allow customization of testlib driver name
2019-02-12 08:37:54 -05:00
if err := option(s); err != nil {
return nil, errors.Wrap(err, "failed to apply option")
}
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
}
MM-13893: introduce file store (#10243) * config file store Introduce an interface and concrete implementation for accessing the config. This mostly maps 1:1 with the exiting usage in `App`, except for internalizing the watcher. A future change will likely eliminate `App.PersistConfig()` and make this implicit on `Set` or `Patch` * experimental file test changes * emoji: move file driver checks from api4 to app It is no longer possible to app.UpdateConfig and provide an invalid configuration, making it hard to test this case. This check doesn't really belong in the api anyway, since it's a configuration validity check and not a permissions check. Either way, the check now occurs at the App level. * api4: generate valid public link salts for test * TestStartServerRateLimiterCriticalError: use mock store to test invalid config * remove config_test.go * remove needsSave, and have Load() save to the backing store as necessary * restore README.md * move ldap UserFilter check to model isValid checks * remove databaseStore until ready * remove unimplemented Patch * simplify unlockOnce implementation * revert forgetting to set s.Ldap * config/file.go: rename ReadOnlyConfigurationError to ErrReadOnlyConfiguration * config: export FileStore * add TestFileStoreSave * improved config/utils test coverage * restore config/README.md copy * tweaks * file store: acquire a write lock on Save/Close to safely close watcher * fix unmarshal_test.go
2019-02-12 14:19:01 -04:00
if s.configStore == nil {
configStore, err := config.NewFileStore("config.json", true)
if err != nil {
return nil, errors.Wrap(err, "failed to load config")
}
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
MM-13893: introduce file store (#10243) * config file store Introduce an interface and concrete implementation for accessing the config. This mostly maps 1:1 with the exiting usage in `App`, except for internalizing the watcher. A future change will likely eliminate `App.PersistConfig()` and make this implicit on `Set` or `Patch` * experimental file test changes * emoji: move file driver checks from api4 to app It is no longer possible to app.UpdateConfig and provide an invalid configuration, making it hard to test this case. This check doesn't really belong in the api anyway, since it's a configuration validity check and not a permissions check. Either way, the check now occurs at the App level. * api4: generate valid public link salts for test * TestStartServerRateLimiterCriticalError: use mock store to test invalid config * remove config_test.go * remove needsSave, and have Load() save to the backing store as necessary * restore README.md * move ldap UserFilter check to model isValid checks * remove databaseStore until ready * remove unimplemented Patch * simplify unlockOnce implementation * revert forgetting to set s.Ldap * config/file.go: rename ReadOnlyConfigurationError to ErrReadOnlyConfiguration * config: export FileStore * add TestFileStoreSave * improved config/utils test coverage * restore config/README.md copy * tweaks * file store: acquire a write lock on Save/Close to safely close watcher * fix unmarshal_test.go
2019-02-12 14:19:01 -04:00
s.configStore = configStore
}
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
[MM-13833] Configured unit tests to log through t.Log (#10272) * Rerouted the unit test logs through t.Log * resolving merge confilvts * Update testing.go * Update helper_test.go * Added godocs for NewTestingLogger * Added go docs for NewTestingLogger * Resolving conflicts
2019-02-14 23:22:11 +05:30
if s.Log == nil {
s.Log = mlog.NewLogger(utils.MloggerConfigFromLoggerConfig(&s.Config().LogSettings))
}
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
// Redirect default golang logger to this logger
mlog.RedirectStdLog(s.Log)
// Use this app logger as the global logger (eventually remove all instances of global logging)
mlog.InitGlobalLogger(s.Log)
s.logListenerId = s.AddConfigListener(func(_, after *model.Config) {
s.Log.ChangeLevels(utils.MloggerConfigFromLoggerConfig(&after.LogSettings))
})
Fixing initalization order. (#9916)
2018-11-30 08:07:08 -08:00
s.HTTPService = httpservice.MakeHTTPService(s.FakeApp())
MM-14574 Intercept log messages from local image proxy (#10668) * MM-14574 Switch willnorris/imageproxy to fork * MM-14574 Intercept log messages from local image proxy * Revert "MM-14574 Switch willnorris/imageproxy to fork" This reverts commit 046ab5c4216a5c6fee5bf8e2e0cceb1afffa6747. * Update willnorris/imageproxy
2019-04-24 11:55:37 -04:00
s.ImageProxy = imageproxy.MakeImageProxy(s, s.HTTPService, s.Log)
MM-10417 Add local image proxy and enable by default (#9967) * MM-10417 Add local image proxy and enable by default * Remove unused function * Add dependencies for willnorris/imageproxy * Fixed compilation errors * Lock to the master version of willnorris/imageproxy * Fix atmos/camo proxy when no SiteURL is specified * Re-add default values for deprecated settings * Fix unit tests added by merge * Pass imageproxy to App struct * Remove unneeded locking when creating the image proxy * Remove empty test file
2019-01-24 16:11:32 -04:00
[MM-14361] Initialise the translations before loading the config store (#10435)
2019-03-12 17:50:48 +00:00
if err := utils.TranslationsPreInit(); err != nil {
return nil, errors.Wrapf(err, "unable to load Mattermost translation files")
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
}
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
err := s.RunOldAppInitalization()
if err != nil {
return nil, err
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
model.AppErrorInit(utils.T)
deprecate timezones.json (#10311)
2019-02-25 12:07:45 -04:00
s.timezones = timezones.New()
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
// Start email batching because it's not like the other jobs
s.InitEmailBatching()
s.AddConfigListener(func(_, _ *model.Config) {
s.InitEmailBatching()
})
mlog.Info(fmt.Sprintf("Current version is %v (%v/%v/%v/%v)", model.CurrentVersion, model.BuildNumber, model.BuildDate, model.BuildHash, model.BuildHashEnterprise))
mlog.Info(fmt.Sprintf("Enterprise Enabled: %v", model.BuildEnterpriseReady))
pwd, _ := os.Getwd()
mlog.Info(fmt.Sprintf("Current working directory is %v", pwd))
MM-13893: introduce file store (#10243) * config file store Introduce an interface and concrete implementation for accessing the config. This mostly maps 1:1 with the exiting usage in `App`, except for internalizing the watcher. A future change will likely eliminate `App.PersistConfig()` and make this implicit on `Set` or `Patch` * experimental file test changes * emoji: move file driver checks from api4 to app It is no longer possible to app.UpdateConfig and provide an invalid configuration, making it hard to test this case. This check doesn't really belong in the api anyway, since it's a configuration validity check and not a permissions check. Either way, the check now occurs at the App level. * api4: generate valid public link salts for test * TestStartServerRateLimiterCriticalError: use mock store to test invalid config * remove config_test.go * remove needsSave, and have Load() save to the backing store as necessary * restore README.md * move ldap UserFilter check to model isValid checks * remove databaseStore until ready * remove unimplemented Patch * simplify unlockOnce implementation * revert forgetting to set s.Ldap * config/file.go: rename ReadOnlyConfigurationError to ErrReadOnlyConfiguration * config: export FileStore * add TestFileStoreSave * improved config/utils test coverage * restore config/README.md copy * tweaks * file store: acquire a write lock on Save/Close to safely close watcher * fix unmarshal_test.go
2019-02-12 14:19:01 -04:00
mlog.Info("Loaded config", mlog.String("source", s.configStore.String()))
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
license := s.License()
if license == nil && len(s.Config().SqlSettings.DataSourceReplicas) > 1 {
mlog.Warn("More than 1 read replica functionality disabled by current license. Please contact your system administrator about upgrading your enterprise license.")
s.UpdateConfig(func(cfg *model.Config) {
cfg.SqlSettings.DataSourceReplicas = cfg.SqlSettings.DataSourceReplicas[:1]
})
}
if license == nil {
s.UpdateConfig(func(cfg *model.Config) {
cfg.TeamSettings.MaxNotificationsPerChannel = &MaxNotificationsPerChannelDefault
})
}
s.ReloadConfig()
// Enable developer settings if this is a "dev" build
if model.BuildNumber == "dev" {
s.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableDeveloper = true })
}
if result := <-s.Store.Status().ResetAll(); result.Err != nil {
mlog.Error(fmt.Sprint("Error to reset the server status.", result.Err.Error()))
}
Migrate cluster to use Server struct directly. (#10101)
2019-01-15 09:09:25 -08:00
if s.joinCluster && s.Cluster != nil {
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.FakeApp().RegisterAllClusterMessageHandlers()
s.Cluster.StartInterNodeCommunication()
}
Migrate cluster to use Server struct directly. (#10101)
2019-01-15 09:09:25 -08:00
if s.startMetrics && s.Metrics != nil {
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.Metrics.StartServer()
}
Migrate cluster to use Server struct directly. (#10101)
2019-01-15 09:09:25 -08:00
if s.startElasticsearch && s.Elasticsearch != nil {
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.StartElasticsearch()
}
s.initJobs()
if s.runjobs {
s.Go(func() {
runSecurityJob(s)
})
s.Go(func() {
runDiagnosticsJob(s)
})
s.Go(func() {
runSessionCleanupJob(s)
})
s.Go(func() {
runTokenCleanupJob(s)
})
s.Go(func() {
runCommandWebhookCleanupJob(s)
})
if complianceI := s.Compliance; complianceI != nil {
complianceI.StartComplianceDailyJob()
}
if *s.Config().JobSettings.RunJobs && s.Jobs != nil {
s.Jobs.StartWorkers()
}
if *s.Config().JobSettings.RunScheduler && s.Jobs != nil {
s.Jobs.StartSchedulers()
}
}
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
return s, nil
}
// Global app opptions that should be applied to apps created by this server
func (s *Server) AppOptions() []AppOption {
return []AppOption{
ServerConnector(s),
}
}
const TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN = time.Second
func (s *Server) StopHTTPServer() {
if s.Server != nil {
ctx, cancel := context.WithTimeout(context.Background(), TIME_TO_WAIT_FOR_CONNECTIONS_TO_CLOSE_ON_SERVER_SHUTDOWN)
defer cancel()
didShutdown := false
for s.didFinishListen != nil && !didShutdown {
if err := s.Server.Shutdown(ctx); err != nil {
mlog.Warn(err.Error())
}
timer := time.NewTimer(time.Millisecond * 50)
select {
case <-s.didFinishListen:
didShutdown = true
case <-timer.C:
}
timer.Stop()
}
s.Server.Close()
s.Server = nil
}
}
func (s *Server) Shutdown() error {
mlog.Info("Stopping Server...")
s.RunOldAppShutdown()
s.StopHTTPServer()
s.WaitForGoroutines()
if s.Store != nil {
s.Store.Close()
}
if s.htmlTemplateWatcher != nil {
s.htmlTemplateWatcher.Close()
}
s.RemoveConfigListener(s.configListenerId)
s.RemoveConfigListener(s.logListenerId)
MM-13893: introduce file store (#10243) * config file store Introduce an interface and concrete implementation for accessing the config. This mostly maps 1:1 with the exiting usage in `App`, except for internalizing the watcher. A future change will likely eliminate `App.PersistConfig()` and make this implicit on `Set` or `Patch` * experimental file test changes * emoji: move file driver checks from api4 to app It is no longer possible to app.UpdateConfig and provide an invalid configuration, making it hard to test this case. This check doesn't really belong in the api anyway, since it's a configuration validity check and not a permissions check. Either way, the check now occurs at the App level. * api4: generate valid public link salts for test * TestStartServerRateLimiterCriticalError: use mock store to test invalid config * remove config_test.go * remove needsSave, and have Load() save to the backing store as necessary * restore README.md * move ldap UserFilter check to model isValid checks * remove databaseStore until ready * remove unimplemented Patch * simplify unlockOnce implementation * revert forgetting to set s.Ldap * config/file.go: rename ReadOnlyConfigurationError to ErrReadOnlyConfiguration * config: export FileStore * add TestFileStoreSave * improved config/utils test coverage * restore config/README.md copy * tweaks * file store: acquire a write lock on Save/Close to safely close watcher * fix unmarshal_test.go
2019-02-12 14:19:01 -04:00
s.configStore.Close()
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if s.Cluster != nil {
s.Cluster.StopInterNodeCommunication()
}
if s.Metrics != nil {
s.Metrics.StopServer()
}
if s.Jobs != nil && s.runjobs {
s.Jobs.StopWorkers()
s.Jobs.StopSchedulers()
}
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
mlog.Info("Server stopped")
return nil
}
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
// Go creates a goroutine, but maintains a record of it to ensure that execution completes before
Moving app from singular to being created for every request (#9889) * Moving app from singular to being created for every request. * Automatic refactor * Adding license header * Feedback fixes
2018-11-28 10:56:21 -08:00
// the server is shutdown.
MM-12849 Moving all non request scoped items to Server struct (#9806) * Moving goroutine pool * Auto refactor * Moving plugins. * Auto refactor * Moving fields to server * Auto refactor * Removing siteurl duplication. * Moving reset of app fields * Auto refactor * Formatting * Moving niling of Server to after last use * Fixing unit tests.
2018-11-07 10:20:07 -08:00
func (s *Server) Go(f func()) {
atomic.AddInt32(&s.goroutineCount, 1)
go func() {
f()
atomic.AddInt32(&s.goroutineCount, -1)
select {
case s.goroutineExitSignal <- struct{}{}:
default:
}
}()
}
// WaitForGoroutines blocks until all goroutines created by App.Go exit.
func (s *Server) WaitForGoroutines() {
for atomic.LoadInt32(&s.goroutineCount) != 0 {
<-s.goroutineExitSignal
}
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge
2017-01-13 13:53:37 -05:00
}
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
var corsAllowedMethods = []string{
PLT-4938 Add app package and move logic over from api package (#4931) * Add app package and move logic over from api package * Change app package functions to return errors * Move non-api tests into app package * Fix merge
2017-01-13 13:53:37 -05:00
"POST",
"GET",
"OPTIONS",
"PUT",
"PATCH",
"DELETE",
first commit
2015-06-14 23:53:32 -08:00
}
redirect, vs. proxy, 80->443 without LE enabled (#9020) The code incorrectly got refactored to proxy instead of forward, deviating from the behaviour when LE is enabled.
2018-06-29 17:17:35 -04:00
// golang.org/x/crypto/acme/autocert/autocert.go
func handleHTTPRedirect(w http.ResponseWriter, r *http.Request) {
if r.Method != "GET" && r.Method != "HEAD" {
http.Error(w, "Use HTTPS", http.StatusBadRequest)
return
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
}
redirect, vs. proxy, 80->443 without LE enabled (#9020) The code incorrectly got refactored to proxy instead of forward, deviating from the behaviour when LE is enabled.
2018-06-29 17:17:35 -04:00
target := "https://" + stripPort(r.Host) + r.URL.RequestURI()
http.Redirect(w, r, target, http.StatusFound)
}
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
redirect, vs. proxy, 80->443 without LE enabled (#9020) The code incorrectly got refactored to proxy instead of forward, deviating from the behaviour when LE is enabled.
2018-06-29 17:17:35 -04:00
// golang.org/x/crypto/acme/autocert/autocert.go
func stripPort(hostport string) string {
host, _, err := net.SplitHostPort(hostport)
if err != nil {
return hostport
}
return net.JoinHostPort(host, "443")
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
func (s *Server) Start() error {
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
mlog.Info("Starting Server...")
Fixes mm-1355 adds rate limiting apis
2015-07-29 01:26:10 -08:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
var handler http.Handler = s.RootRouter
if allowedOrigins := *s.Config().ServiceSettings.AllowCorsFrom; allowedOrigins != "" {
exposedCorsHeaders := *s.Config().ServiceSettings.CorsExposedHeaders
allowCredentials := *s.Config().ServiceSettings.CorsAllowCredentials
debug := *s.Config().ServiceSettings.CorsDebug
MM-11160 Adding proper CORS support. (#9152) * Adding proper CORS support. * Better CORS tests.
2018-07-26 08:31:22 -07:00
corsWrapper := cors.New(cors.Options{
AllowedOrigins: strings.Fields(allowedOrigins),
AllowedMethods: corsAllowedMethods,
AllowedHeaders: []string{"*"},
ExposedHeaders: strings.Fields(exposedCorsHeaders),
MaxAge: 86400,
AllowCredentials: allowCredentials,
Debug: debug,
})
// If we have debugging of CORS turned on then forward messages to logs
if debug {
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
corsWrapper.Log = s.Log.StdLog(mlog.String("source", "cors"))
MM-11160 Adding proper CORS support. (#9152) * Adding proper CORS support. * Better CORS tests.
2018-07-26 08:31:22 -07:00
}
handler = corsWrapper.Handler(handler)
}
Fixes mm-1355 adds rate limiting apis
2015-07-29 01:26:10 -08:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if *s.Config().RateLimitSettings.Enable {
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
mlog.Info("RateLimiter is enabled")
Fixes mm-1355 adds rate limiting apis
2015-07-29 01:26:10 -08:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
rateLimiter, err := NewRateLimiter(&s.Config().RateLimitSettings)
handle RateLimiter initialization errors (#8199) Previously, an error occuring in NewRateLimiter would return a nil reference – which would be de-referenced just after, making the server crash.
2018-02-06 10:57:34 +05:30
if err != nil {
Abort on critical error during server startup (#8204) Only a handful of critical errors are present in the codebase. They all occur during server startup (in `app.StartServer()`). Currently, when one of these critical error occurs, it is simpled mentionned in the logs – then the error is discarded, and the app attempts to continue the execution (and probably fails pretty quickly in a weird way). Rather than continuing operations in an unknow state, these errors should trigger a clean exit. This commit rewrites critical startup errors to be correctly propagated, logged, and then terminate the command execution. Additionnaly, it makes the server return a proper error code to the shell.
2018-02-07 13:41:15 +05:30
return err
handle RateLimiter initialization errors (#8199) Previously, an error occuring in NewRateLimiter would return a nil reference – which would be de-referenced just after, making the server crash.
2018-02-06 10:57:34 +05:30
}
Fixes mm-1355 adds rate limiting apis
2015-07-29 01:26:10 -08:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.RateLimiter = rateLimiter
handle RateLimiter initialization errors (#8199) Previously, an error occuring in NewRateLimiter would return a nil reference – which would be de-referenced just after, making the server crash.
2018-02-06 10:57:34 +05:30
handler = rateLimiter.RateLimitHandler(handler)
Fixes mm-1355 adds rate limiting apis
2015-07-29 01:26:10 -08:00
}
[MM-10199] Capture of stack traces into Mattermost logs (#10379) * [MM-10199] Printing stack traces from http handlers panics in mattermost logs Previously recovery handlers from gorilla mux was used, which was printing stack traces from panics in stderr Removing it should print stack traces into logger passed to http.Server, which as of now is created from mlog Refer #10351 * Logging errors from http server at error level instead of info level Added test for verifying whether panic gets logged in server logger * Fixed failing test due to tls error * Closing temp file for panic log before removing and checking errors for closure and removal * Added regular log line in panic handler for TestPanicLog to check whether it gets logged
2019-03-11 22:32:34 +05:30
// Creating a logger for logging errors from http.Server at error level
errStdLog, err := s.Log.StdLogAt(mlog.LevelError, mlog.String("source", "httpserver"))
if err != nil {
return err
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.Server = &http.Server{
[MM-10199] Capture of stack traces into Mattermost logs (#10379) * [MM-10199] Printing stack traces from http handlers panics in mattermost logs Previously recovery handlers from gorilla mux was used, which was printing stack traces from panics in stderr Removing it should print stack traces into logger passed to http.Server, which as of now is created from mlog Refer #10351 * Logging errors from http server at error level instead of info level Added test for verifying whether panic gets logged in server logger * Fixed failing test due to tls error * Closing temp file for panic log before removing and checking errors for closure and removal * Added regular log line in panic handler for TestPanicLog to check whether it gets logged
2019-03-11 22:32:34 +05:30
Handler: handler,
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
ReadTimeout: time.Duration(*s.Config().ServiceSettings.ReadTimeout) * time.Second,
WriteTimeout: time.Duration(*s.Config().ServiceSettings.WriteTimeout) * time.Second,
[MM-10199] Capture of stack traces into Mattermost logs (#10379) * [MM-10199] Printing stack traces from http handlers panics in mattermost logs Previously recovery handlers from gorilla mux was used, which was printing stack traces from panics in stderr Removing it should print stack traces into logger passed to http.Server, which as of now is created from mlog Refer #10351 * Logging errors from http server at error level instead of info level Added test for verifying whether panic gets logged in server logger * Fixed failing test due to tls error * Closing temp file for panic log before removing and checking errors for closure and removal * Added regular log line in panic handler for TestPanicLog to check whether it gets logged
2019-03-11 22:32:34 +05:30
ErrorLog: errStdLog,
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
}
parallel tests (#7629)
2017-10-16 08:09:43 -07:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
addr := *s.Config().ServiceSettings.ListenAddress
parallel tests (#7629)
2017-10-16 08:09:43 -07:00
if addr == "" {
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if *s.Config().ServiceSettings.ConnectionSecurity == model.CONN_SECURITY_TLS {
parallel tests (#7629)
2017-10-16 08:09:43 -07:00
addr = ":https"
} else {
addr = ":http"
}
}
listener, err := net.Listen("tcp", addr)
if err != nil {
Abort on critical error during server startup (#8204) Only a handful of critical errors are present in the codebase. They all occur during server startup (in `app.StartServer()`). Currently, when one of these critical error occurs, it is simpled mentionned in the logs – then the error is discarded, and the app attempts to continue the execution (and probably fails pretty quickly in a weird way). Rather than continuing operations in an unknow state, these errors should trigger a clean exit. This commit rewrites critical startup errors to be correctly propagated, logged, and then terminate the command execution. Additionnaly, it makes the server return a proper error code to the shell.
2018-02-07 13:41:15 +05:30
errors.Wrapf(err, utils.T("api.server.start_server.starting.critical"), err)
return err
parallel tests (#7629)
2017-10-16 08:09:43 -07:00
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.ListenAddr = listener.Addr().(*net.TCPAddr)
parallel tests (#7629)
2017-10-16 08:09:43 -07:00
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
mlog.Info(fmt.Sprintf("Server is listening on %v", listener.Addr().String()))
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
// Migration from old let's encrypt library
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if *s.Config().ServiceSettings.UseLetsEncrypt {
if stat, err := os.Stat(*s.Config().ServiceSettings.LetsEncryptCertificateCacheFile); err == nil && !stat.IsDir() {
os.Remove(*s.Config().ServiceSettings.LetsEncryptCertificateCacheFile)
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
}
}
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
m := &autocert.Manager{
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
Cache: autocert.DirCache(*s.Config().ServiceSettings.LetsEncryptCertificateCacheFile),
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
Prompt: autocert.AcceptTOS,
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if *s.Config().ServiceSettings.Forward80To443 {
improve error handling around invalid Forward80To443 settings (#8496) * If Forward80To443 is true, but not configured to listen on 443, fail to start the server with an error message. * If Forward80To443 is false and LetsEncrypt is true, fail to start the server with an error message.
2018-03-23 12:33:50 -04:00
if host, port, err := net.SplitHostPort(addr); err != nil {
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
mlog.Error("Unable to setup forwarding: " + err.Error())
improve error handling around invalid Forward80To443 settings (#8496) * If Forward80To443 is true, but not configured to listen on 443, fail to start the server with an error message. * If Forward80To443 is false and LetsEncrypt is true, fail to start the server with an error message.
2018-03-23 12:33:50 -04:00
} else if port != "443" {
return fmt.Errorf(utils.T("api.server.start_server.forward80to443.enabled_but_listening_on_wrong_port"), port)
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
} else {
Fix forward 80 to 443 to not bind on all interfaces. (#8360)
2018-02-23 15:33:36 -08:00
httpListenAddress := net.JoinHostPort(host, "http")
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if *s.Config().ServiceSettings.UseLetsEncrypt {
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
server := &http.Server{
Addr: httpListenAddress,
Handler: m.HTTPHandler(nil),
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
ErrorLog: s.Log.StdLog(mlog.String("source", "le_forwarder_server")),
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
}
go server.ListenAndServe()
Fix forward 80 to 443 to not bind on all interfaces. (#8360)
2018-02-23 15:33:36 -08:00
} else {
go func() {
redirectListener, err := net.Listen("tcp", httpListenAddress)
if err != nil {
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
mlog.Error("Unable to setup forwarding: " + err.Error())
Fix forward 80 to 443 to not bind on all interfaces. (#8360)
2018-02-23 15:33:36 -08:00
return
}
defer redirectListener.Close()
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
server := &http.Server{
redirect, vs. proxy, 80->443 without LE enabled (#9020) The code incorrectly got refactored to proxy instead of forward, deviating from the behaviour when LE is enabled.
2018-06-29 17:17:35 -04:00
Handler: http.HandlerFunc(handleHTTPRedirect),
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
ErrorLog: s.Log.StdLog(mlog.String("source", "forwarder_server")),
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
}
server.Serve(redirectListener)
Fix forward 80 to 443 to not bind on all interfaces. (#8360)
2018-02-23 15:33:36 -08:00
}()
}
Moving to golang.org/x/crypto/acme/autocert for Let's Encrypt functionality. (#8165)
2018-01-30 10:12:42 -08:00
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
} else if *s.Config().ServiceSettings.UseLetsEncrypt {
improve error handling around invalid Forward80To443 settings (#8496) * If Forward80To443 is true, but not configured to listen on 443, fail to start the server with an error message. * If Forward80To443 is false and LetsEncrypt is true, fail to start the server with an error message.
2018-03-23 12:33:50 -04:00
return errors.New(utils.T("api.server.start_server.forward80to443.disabled_while_using_lets_encrypt"))
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.didFinishListen = make(chan struct{})
first commit
2015-06-14 23:53:32 -08:00
go func() {
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
var err error
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if *s.Config().ServiceSettings.ConnectionSecurity == model.CONN_SECURITY_TLS {
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
tlsConfig := &tls.Config{
PreferServerCipherSuites: true,
CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
switch *s.Config().ServiceSettings.TLSMinVer {
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
case "1.0":
tlsConfig.MinVersion = tls.VersionTLS10
case "1.1":
tlsConfig.MinVersion = tls.VersionTLS11
default:
tlsConfig.MinVersion = tls.VersionTLS12
}
defaultCiphers := []uint16{
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if len(s.Config().ServiceSettings.TLSOverwriteCiphers) == 0 {
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
tlsConfig.CipherSuites = defaultCiphers
} else {
var cipherSuites []uint16
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
for _, cipher := range s.Config().ServiceSettings.TLSOverwriteCiphers {
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
value, ok := model.ServerTLSSupportedCiphers[cipher]
if !ok {
mlog.Warn("Unsupported cipher passed", mlog.String("cipher", cipher))
continue
}
cipherSuites = append(cipherSuites, value)
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
}
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
if len(cipherSuites) == 0 {
mlog.Warn("No supported ciphers passed, fallback to default cipher suite")
cipherSuites = defaultCiphers
}
tlsConfig.CipherSuites = cipherSuites
}
certFile := ""
keyFile := ""
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
if *s.Config().ServiceSettings.UseLetsEncrypt {
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
tlsConfig.GetCertificate = m.GetCertificate
tlsConfig.NextProtos = append(tlsConfig.NextProtos, "h2")
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
} else {
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
certFile = *s.Config().ServiceSettings.TLSCertFile
keyFile = *s.Config().ServiceSettings.TLSKeyFile
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
}
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
s.Server.TLSConfig = tlsConfig
err = s.Server.ServeTLS(listener, certFile, keyFile)
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
} else {
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
err = s.Server.Serve(listener)
Adding ability to serve TLS directly from Mattermost server (#4119)
2016-10-03 16:03:15 -04:00
}
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
parallel tests (#7629)
2017-10-16 08:09:43 -07:00
if err != nil && err != http.ErrServerClosed {
Structured logging (#8673) * Implementing structured logging * Changes to en.json to allow refactor to run. * Fixing global logger * Structured logger initalization. * Add caller. * Do some log redirection. * Auto refactor * Cleaning up l4g reference and removing dependancy. * Removing junk. * Copyright headers. * Fixing tests * Revert "Changes to en.json to allow refactor to run." This reverts commit fd8249e99bcad0231e6ea65cd77c32aae9a54026. * Fixing some auto refactor strangeness and typo. * Making keys more human readable.
2018-04-27 12:49:45 -07:00
mlog.Critical(fmt.Sprintf("Error starting server, err:%v", err))
first commit
2015-06-14 23:53:32 -08:00
time.Sleep(time.Second)
}
Set default ciphers, set tls 1.2 via config, set curve prefs (#9315) Config Checks at StartUp Part1 Config Checks; Tests for TLS Server HSTS header implementation + tests make gofmt happy with new go version... make gofmt happy with new go version #2... fix logic bug fix typo Fix unnecessary code block
2018-10-16 16:51:46 +02:00
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
close(s.didFinishListen)
first commit
2015-06-14 23:53:32 -08:00
}()
Abort on critical error during server startup (#8204) Only a handful of critical errors are present in the codebase. They all occur during server startup (in `app.StartServer()`). Currently, when one of these critical error occurs, it is simpled mentionned in the logs – then the error is discarded, and the app attempts to continue the execution (and probably fails pretty quickly in a weird way). Rather than continuing operations in an unknow state, these errors should trigger a clean exit. This commit rewrites critical startup errors to be correctly propagated, logged, and then terminate the command execution. Additionnaly, it makes the server return a proper error code to the shell.
2018-02-07 13:41:15 +05:30
return nil
first commit
2015-06-14 23:53:32 -08:00
}
Miscellaneous app cleanup (#7594) * app cleanup * whoops, forgot a file * some minor cleanup * longer container deadline * defensive checks
2017-10-09 14:59:48 -07:00
origin checker refactor (#7889)
2017-11-22 15:58:03 -06:00
func (a *App) OriginChecker() func(*http.Request) bool {
if allowed := *a.Config().ServiceSettings.AllowCorsFrom; allowed != "" {
Add siteURL to WS origin check (#9183) * Add siteURL to WS origin check * Handle subpath * Only add site URL if not *
2018-07-30 17:21:57 -04:00
if allowed != "*" {
siteURL, err := url.Parse(*a.Config().ServiceSettings.SiteURL)
if err == nil {
siteURL.Path = ""
allowed += " " + siteURL.String()
}
}
origin checker refactor (#7889)
2017-11-22 15:58:03 -06:00
return utils.OriginChecker(allowed)
}
return nil
}
Cleanup related to context refactor (#9988)
2018-12-17 08:51:46 -08:00
func runSecurityJob(s *Server) {
doSecurity(s)
model.CreateRecurringTask("Security", func() {
doSecurity(s)
}, time.Hour*4)
}
func runDiagnosticsJob(s *Server) {
doDiagnostics(s)
model.CreateRecurringTask("Diagnostics", func() {
doDiagnostics(s)
}, time.Hour*24)
}
func runTokenCleanupJob(s *Server) {
doTokenCleanup(s)
model.CreateRecurringTask("Token Cleanup", func() {
doTokenCleanup(s)
}, time.Hour*1)
}
func runCommandWebhookCleanupJob(s *Server) {
doCommandWebhookCleanup(s)
model.CreateRecurringTask("Command Hook Cleanup", func() {
doCommandWebhookCleanup(s)
}, time.Hour*1)
}
func runSessionCleanupJob(s *Server) {
doSessionCleanup(s)
model.CreateRecurringTask("Session Cleanup", func() {
doSessionCleanup(s)
}, time.Hour*24)
}
func doSecurity(s *Server) {
s.DoSecurityUpdateCheck()
}
func doDiagnostics(s *Server) {
if *s.Config().LogSettings.EnableDiagnostics {
s.FakeApp().SendDailyDiagnostics()
}
}
func doTokenCleanup(s *Server) {
s.Store.Token().Cleanup()
}
func doCommandWebhookCleanup(s *Server) {
s.Store.CommandWebhook().Cleanup()
}
const (
SESSIONS_CLEANUP_BATCH_SIZE = 1000
)
func doSessionCleanup(s *Server) {
s.Store.Session().Cleanup(model.GetMillis(), SESSIONS_CLEANUP_BATCH_SIZE)
}
func (s *Server) StartElasticsearch() {
s.Go(func() {
if err := s.Elasticsearch.Start(); err != nil {
s.Log.Error(err.Error())
}
})
s.AddConfigListener(func(oldConfig *model.Config, newConfig *model.Config) {
if !*oldConfig.ElasticsearchSettings.EnableIndexing && *newConfig.ElasticsearchSettings.EnableIndexing {
s.Go(func() {
if err := s.Elasticsearch.Start(); err != nil {
mlog.Error(err.Error())
}
})
} else if *oldConfig.ElasticsearchSettings.EnableIndexing && !*newConfig.ElasticsearchSettings.EnableIndexing {
s.Go(func() {
if err := s.Elasticsearch.Stop(); err != nil {
mlog.Error(err.Error())
}
})
} else if *oldConfig.ElasticsearchSettings.Password != *newConfig.ElasticsearchSettings.Password || *oldConfig.ElasticsearchSettings.Username != *newConfig.ElasticsearchSettings.Username || *oldConfig.ElasticsearchSettings.ConnectionUrl != *newConfig.ElasticsearchSettings.ConnectionUrl || *oldConfig.ElasticsearchSettings.Sniff != *newConfig.ElasticsearchSettings.Sniff {
s.Go(func() {
if *oldConfig.ElasticsearchSettings.EnableIndexing {
if err := s.Elasticsearch.Stop(); err != nil {
mlog.Error(err.Error())
}
if err := s.Elasticsearch.Start(); err != nil {
mlog.Error(err.Error())
}
}
})
}
})
s.AddLicenseListener(func() {
if s.License() != nil {
s.Go(func() {
if err := s.Elasticsearch.Start(); err != nil {
mlog.Error(err.Error())
}
})
} else {
s.Go(func() {
if err := s.Elasticsearch.Stop(); err != nil {
mlog.Error(err.Error())
}
})
}
})
}
Reference in New Issue Copy Permalink